e8e969524f
Update to 4.19.128
2020-07-04 00:01:02 +02:00
f18033fc81
[rt] Update to 4.19.127-rt55
2020-07-04 00:01:02 +02:00
4def4480dc
Cleanup debian/changelog file
2020-07-04 00:01:02 +02:00
88c2a1700c
Drop "mm: Fix mremap not considering huge pmd devmap"
2020-07-04 00:01:02 +02:00
edd77f41b6
Drop "kernel/relay.c: handle alloc_percpu returning NULL in relay_open"
2020-07-04 00:01:02 +02:00
add8d4a958
Update to 4.19.127
2020-07-04 00:01:02 +02:00
bb9075b317
Cleanup debian/changelog file
2020-07-04 00:01:02 +02:00
02e36515d0
Drop "fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info()"
2020-07-04 00:01:02 +02:00
ac846f6f50
Update to 4.19.126
2020-07-04 00:01:02 +02:00
e65ef48d77
Cleanup debian/changelog file
2020-07-04 00:01:02 +02:00
ce4504d627
Drop "KVM: SVM: Fix potential memory leak in svm_cpu_init()"
2020-07-04 00:01:02 +02:00
14807e183a
Update to 4.19.125
2020-07-04 00:01:02 +02:00
0d97b373b5
[rt] Update to 4.19.124-rt53
2020-07-04 00:01:02 +02:00
2539d079ec
Cleanup debian/changelog file
2020-07-04 00:01:02 +02:00
c678e8796f
Drop "netlabel: cope with NULL catmap"
2020-07-04 00:01:02 +02:00
5ce8dbd0e7
Drop "USB: gadget: fix illegal array access in binding with UDC"
2020-07-04 00:01:02 +02:00
913f8220e0
Drop "scsi: sg: add sg_remove_request in sg_write"
2020-07-04 00:01:02 +02:00
1965b86044
Update to 4.19.124
2020-07-04 00:01:02 +02:00
4fa587f9e9
Cleanup debian/changelog file
2020-07-04 00:01:02 +02:00
51a98b1181
Update to 4.19.123
2020-07-04 00:01:01 +02:00
d718b4c896
Cleanup debian/changelog file
2020-07-04 00:01:01 +02:00
5b1f1c0bc8
Update to 4.19.122
2020-07-04 00:01:01 +02:00
42d1728b42
Cleanup debian/changelog file
2020-07-04 00:01:01 +02:00
790b310863
Drop "selinux: properly handle multiple messages in selinux_netlink_send()"
2020-07-04 00:01:01 +02:00
7cbcb7e493
Drop "ALSA: pcm: oss: Place the plugin buffer overflow checks correctly"
2020-07-04 00:01:01 +02:00
c4c46fdfc9
Update to 4.19.121
2020-07-04 00:01:01 +02:00
a370ac98d7
[rt] Update to 4.19.120-rt52
2020-07-04 00:01:01 +02:00
32614f10eb
Cleanup debian/changelog file
2020-07-04 00:01:01 +02:00
635674d4ea
Drop "propagate_one(): mnt_set_mountpoint() needs mount_lock"
2020-07-04 00:01:01 +02:00
148d556059
Drop "include/uapi/linux/swab.h: fix userspace breakage, use __BITS_PER_LONG for swap"
2020-07-04 00:01:01 +02:00
eef870f560
Update to 4.19.120
2020-07-04 00:01:01 +02:00
50c56f920e
Cleanup debian/changelog file
2020-07-04 00:01:01 +02:00
576d33f2b5
Drop pre-requisites and patches for CVE-2019-3016
2020-07-04 00:01:01 +02:00
f78b782f82
Drop "USB: core: Fix free-while-in-use bug in the USB S-Glibrary"
2020-07-04 00:01:01 +02:00
2c60bfb6ed
Drop "fs/namespace.c: fix mountpoint reference counter race"
2020-07-04 00:01:01 +02:00
46e6098888
Drop "s390/mm: fix page table upgrade vs 2ndary address mode accesses"
2020-07-04 00:01:01 +02:00
d8230a09d2
Drop "blktrace: fix dereference after null check"
2020-07-04 00:01:01 +02:00
f6a9de8ee5
Drop "blktrace: Protect q->blk_trace with RCU"
2020-07-04 00:01:01 +02:00
e7da2d7b4f
Drop "net: ipv6_stub: use ip6_dst_lookup_flow instead of ip6_dst_lookup"
2020-07-04 00:01:01 +02:00
a3892db44e
Drop "net: ipv6: add net argument to ip6_dst_lookup_flow"
2020-07-04 00:01:01 +02:00
b4e9757aa9
Drop "f2fs: fix to avoid memory leakage in f2fs_listxattr"
2020-07-04 00:01:01 +02:00
ed2fd52462
Update to 4.19.119
2020-07-04 00:01:01 +02:00
0c35cc337b
nfsd: apply umask on fs without ACL support
...
Closes : #962254
2020-06-26 22:55:39 +02:00
1e3e001c12
apparmor: don't try to replace stale label in ptraceme check
...
Closes : #963493
2020-06-26 22:04:24 +02:00
6da8aff445
[rt] Add new signing key for Tom Zanussi
2020-06-22 14:50:01 +02:00
ec2ba4830d
Release linux (4.19.118-2+deb10u1).
...
-----BEGIN PGP SIGNATURE-----
iQKmBAABCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl7dP21fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89ENh0P/iBzOTwQQrbR2hhYjkf6/rOMmgt4/WRe
SX+YZO7YC2F63Cbz0eGJLa1Y7WMQkmPvrpwoKm8HtFq16SFXp2JMRMxI6NygEGcC
i3Z86z26ik+qLLqeSCIigfRTZfFRT6o3wIFaOUS5AKUMBIbneELk70FyyFJ5g6gs
BSjPsL0+9L3B8eqg7NK8E4ueiX791v9wyYqpMDfG+AkL5PTuL3XY2VmSs1Vzv63I
WUpV0Ekpdpx7+PgQkO0gJRb/wFTHZdjMn5GR247awwVD0uxecQCmMxevmw+yzmma
S9OSeBsIEhmvRqTUMChjJsLqfF5++1ywRdoAzxnczIi3VpfIkDoFxZ569AQPQA9R
RxGhM2QrlyzQYtAmnk6lnu5WzSNxSuesI9/Km5X+dBCAFegHMuhnwF+ti2D5WHhW
yzt6hz1Zk7tJe4UgURRQVSAHPwK1Xg9Jlp9jGB20AKAhgIFFvALMDoYXlAbYEfhf
s8m1u0UVdrNCW86JetfchlwSUNJOwFufTBrEnSrxLDr6qG9XWVCLO5xvIJUBjXx2
3AxCbsYtfZOFDMCBzYzVCWACJn9Nl/Q/59j8YzDiy3xTPTpUY4g5nyonWXyRuUrB
1tp4UCL9yQIRvhzHtp/NfecPdCCp8EkufAK3X2VOWmMUjwAT4VvxKck9fuxdixHo
FlU/U03e8vPT
=8WdB
-----END PGP SIGNATURE-----
Merge tag 'debian/4.19.118-2+deb10u1' into buster
Release linux (4.19.118-2+deb10u1).
2020-06-14 10:46:38 +02:00
0da00be7e6
ALSA: pcm: oss: Place the plugin buffer overflow checks correctly
...
Closes : #960493
2020-06-14 10:40:03 +02:00
51ce7dd8b3
Prepare to release linux (4.19.118-2+deb10u1).
2020-06-07 17:42:22 +02:00
6a8dd1c6b0
Merge branch 'buster-security' into buster-security-embargoed
2020-06-07 01:35:25 +01:00
da82e531d8
include/uapi/linux/swab.h: fix userspace breakage, use __BITS_PER_LONG for swap
...
Closes : #960271
(cherry picked from commit a4fb2a7b76
2020-06-07 01:32:53 +01:00
22423990cd
Drop "KVM: VMX: Zero out *all* general purpose registers after VM-Exit"
...
This is not needed to fix CVE-2019-3016, and is addressing an issue
that's so far theoretical. It also needs a further fix to avoid
causing a more serious regression (depending on the compiler
behaviour).
2020-06-07 01:17:04 +01:00
ff5ad5a3d1
propagate_one(): mnt_set_mountpoint() needs mount_lock
...
A similar issue to CVE-2020-12114.
2020-06-07 00:46:11 +01:00
6e26711704
Add fixes for CVE-2019-3016
...
Cherry-pick 11 commits from the 4.19.118 including prerequisited to
adress CVE-2019-3016.
2020-06-06 10:35:47 +02:00
789f116fbc
mm: Fix mremap not considering huge pmd devmap (CVE-2020-10757)
2020-06-05 12:34:34 +02:00
50bf5b3b3d
kernel/relay.c: handle alloc_percpu returning NULL in relay_open (CVE-2019-19462)
2020-06-05 12:30:40 +02:00
7fc7c96d6e
fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info() (CVE-2020-10732)
2020-06-03 07:42:07 +02:00
2222852cc1
netlabel: cope with NULL catmap (CVE-2020-10711)
2020-06-02 20:27:49 +02:00
888eb1f799
USB: gadget: fix illegal array access in binding with UDC (CVE-2020-13143)
2020-05-29 21:35:13 +02:00
aefd886eef
scsi: sg: add sg_remove_request in sg_write (CVE-2020-12770)
2020-05-29 21:23:18 +02:00
92ed2f689a
[x86] KVM: SVM: Fix potential memory leak in svm_cpu_init() (CVE-2020-12768)
2020-05-29 14:03:17 +02:00
2fe68e87e7
USB: core: Fix free-while-in-use bug in the USB S-Glibrary (CVE-2020-12464)
2020-05-29 13:49:18 +02:00
34284455a6
fs/namespace.c: fix mountpoint reference counter race (CVE-2020-12114)
2020-05-28 23:34:11 +02:00
b3b40efebd
selinux: properly handle multiple messages in selinux_netlink_send() (CVE-2020-10751)
2020-05-28 23:02:50 +02:00
a4fb2a7b76
include/uapi/linux/swab.h: fix userspace breakage, use __BITS_PER_LONG for swap
...
Closes : #960271
2020-05-13 17:45:56 +02:00
195b1745c4
Avoid an ABI change for SRBDS
...
Adding the x86_cpu_id::steppings field is an ABI change. It doesn't
seem worth the trouble of another ABI bump just to be able to report
some potential future CPU steppings as invulnerable. Until we have
other change that require an ABI bump, we'll match the affected models
regardless of stepping.
Keep the reverted patch in the queue so that the reverting patch will
continue to be applied when we rebase onto a new stable update.
2020-05-05 02:21:33 +01:00
0f2a83859c
[x86] Add support for mitigation of SRBDS (CVE-2020-0543)
...
Apply the current version of the backport to 4.19.
2020-05-05 02:07:33 +01:00
136062cf83
Prepare to release linux (4.19.118-2).
2020-04-29 11:38:42 +02:00
c977ce99a1
Release linux (4.19.98-1+deb10u1).
...
-----BEGIN PGP SIGNATURE-----
iQKmBAABCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl6maCdfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89EBtYP/1W8Y1dU9kCrJyK3Nz+HFwEKoe/ha1+t
vcjf4E1TOSUh30eaKaD6GVBp7iCK/tGDBxyfUerDltmilVRDt7f9mE/4CFt3e26y
S4DtsI5paoL1O/1uqbpG+53E5TPDw7CCJNkZ22/vjK++YzToaOjJIsTtZnHNNYwd
nMYtGqhn95NiZ//nNsV4wgSF9vXIgWuWvAEY80KdmfBYUVicUz8HyZB9Q5ErH1e7
/Fi9n7U/0F+PgcZSyLhS9vwlMY36HuuemYYMBzN48J2xL/73ttwoe0MU4Aieu1yX
iVMsrVc/X5JWjHiSpsrExCYvHrRXG9v4kWMOs+piD1yFi7oxD/fNy+043jJqmyOV
hu+3RX6BkNrw1jhLzDRYbOTz8Z09BXrUnXhyWLD5Z1ZgM1K5tQV0vCsiZBqyBHTK
owSVaOSDxHWTa9zSmIDTMPN6ljaQML2G1lF6F+AUKg4hqqjydlikgpJGSmjfs3Pd
YN2I9rfCpSuovYIUQXl38g4yLZC5onhEzLqFBBfxHJClND/nf27HARs6c0f72RlU
6aHrPgZpj2JPE/r1PoUej4lyhIbFzdJIOf2b26ZUvQC+sMUsxE0SonpFQqjDZggJ
cAqM5p80gbR8zGtBStwGGo0QljHdHbrzbnYfNQC/uGph0uYTvL+6BscUzO+RnYmx
9hKy2cqOWLez
=akKy
-----END PGP SIGNATURE-----
Merge tag 'debian/4.19.98-1+deb10u1' into buster
Release linux (4.19.98-1+deb10u1).
2020-04-28 23:07:38 +02:00
f6cd3dfc5b
Prepare to release linux (4.19.98-1+deb10u1).
2020-04-27 07:05:40 +02:00
a8fc50657f
[s390x] mm: fix page table upgrade vs 2ndary address mode accesses (CVE-2020-11884)
2020-04-26 21:03:38 +02:00
3e765ace82
mm: mempolicy: require at least one nodeid for MPOL_PREFERRED (CVE-2020-11565)
2020-04-26 20:58:02 +02:00
2c376b16e6
vhost: Check docket sk_family instead of call getname (CVE-2020-10942)
2020-04-26 20:53:46 +02:00
241912ed84
vfs: fix do_last() regression
2020-04-26 20:53:45 +02:00
d3e1b6996d
do_last(): fetch directory ->i_mode and ->i_uid before it's too late (CVE-2020-8428)
2020-04-26 20:53:45 +02:00
a688ee48fb
KVM: nVMX: Don't emulate instructions in guest mode (CVE-2020-2732)
2020-04-26 20:53:45 +02:00
f142b431b1
Prepare to release linux (4.19.118-1).
2020-04-26 14:04:11 +01:00
65ba05e78d
blktrace: fix dereference after null check
2020-04-26 11:28:32 +02:00
a5acdf855d
blktrace: Protect q->blk_trace with RCU (CVE-2019-19768)
2020-04-26 11:25:38 +02:00
6fe845e460
net: ipv6_stub: use ip6_dst_lookup_flow instead of ip6_dst_lookup (CVE-2020-1749)
2020-04-26 11:20:05 +02:00
79c0009334
net: ipv6: add net argument to ip6_dst_lookup_flow
2020-04-26 11:14:36 +02:00
cfa7bd0b02
f2fs: fix to avoid memory leakage in f2fs_listxattr (CVE-2020-0067)
2020-04-26 11:06:23 +02:00
01ac87b05e
Add CVE id reference for CVE-2020-11494
2020-04-24 05:55:07 +02:00
1e0b8b17f3
Update to 4.19.118
...
Cleanup debian/changelog file
Refresh "firmware: Remove redundant log messages from drivers" for context changes in 4.19.118
2020-04-23 20:41:14 +02:00
37343cff01
Merge branch 'buster+ksm' into 'buster'
...
[buster] cloud: enable CONFIG_KSM for cloud
See merge request kernel-team/linux!229
2020-04-22 13:35:13 +00:00
f248c110af
Merge branch 'carnil/linux-4.19-stable-updates' into buster
...
WIP: 4.19 stable updates
See merge request kernel-team/linux!213
2020-04-22 14:33:44 +01:00
c2a32c869d
Bump ABI to 9
2020-04-22 04:04:25 +01:00
efae16e787
debian/changelog: Comma-separate multiple CVE IDs for the same change
2020-04-22 04:02:55 +01:00
9570b230d4
debian/changelog: Add/correct arch-qualifications for some stable changes
...
Model-specific quirks are only relevant to that model's CPU
architecture.
2020-04-22 04:02:01 +01:00
c73c46766b
debian/changelog: Delete stable changes to disabled drivers
...
There's not much point in mentioning them.
2020-04-22 03:58:05 +01:00
ee533a5333
debian/changelog: Delete stable changes that got reverted
...
There's no point in listing changes that didn't make it into this
release. Delete the summary lines for the original commits and revert
commits.
2020-04-22 03:03:04 +01:00
dd8b268c15
debian/changelog: Summarise the rt changes
...
There is no need to list every update of the rt patch set, or
resolution of conflicts that have now been resolved upstream.
However, significant changes to the patch set should be listed,
so mention the patch that was dropped.
2020-04-22 02:54:36 +01:00
6431292225
[rt] Update to 4.19.115-rt48
...
Refresh patch "pci/switchtec: Don't use completion's wait queue" which was
already done as well in previous rt patchset, due to context changes in
4.19.116 caused by 12ce9fd7fc87 ("PCI/switchtec: Fix init_completion race
condition with poll_wait()").
2020-04-21 22:25:37 +02:00
6440db7ed1
Update to 4.19.117
...
Cleanup debian/changelog file
2020-04-21 22:08:20 +02:00
57cd8ee0e1
cloud: enable CONFIG_KSM for cloud
...
Closes: 955366
2020-04-20 14:23:43 -07:00
72fdde5342
[rt] Refresh "pci/switchtec: Don't use completion's wait queue" for context changes in 4.19.116
2020-04-18 11:09:04 +02:00
1fb0eb7956
Update to 4.19.116
...
Add CVE id reference for CVE-2020-11669
Cleanup debian/changelog file
2020-04-18 11:09:02 +02:00
31d17e0e53
debian/README.source: Refer to upload checklist in kernel-team.git
...
(cherry picked from commit 68456ebc6bfabc94b05ca0771d502a2e1e5f8040)
2020-04-17 01:32:57 +01:00
5d322cdf20
[rt] Refresh "workqueue: rework" for context changes in 4.19.114
2020-04-16 23:44:57 +02:00
70cac4105f
[rt] Refresh "genirq: Handle missing work_struct in irq_set_affinity_notifier()" for context changes in 4.19.114
2020-04-16 23:38:59 +02:00
970c295c4d
[rt] Refresh "genirq: Do not invoke the affinity callback via a workqueue on RT" for context changes in 4.19.114
2020-04-16 23:38:32 +02:00
Salvatore Bonaccorso
Ben Hutchings
Ben Hutchings
Noah Meyerhans